logstash-input-http 3.4.5-java → 3.6.0-java
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +9 -0
- data/VERSION +1 -1
- data/docs/index.asciidoc +47 -14
- data/lib/logstash/inputs/http/tls.rb +2 -1
- data/lib/logstash/inputs/http.rb +62 -29
- data/lib/logstash-input-http_jars.rb +1 -1
- data/logstash-input-http.gemspec +1 -1
- data/spec/fixtures/certs/generate.sh +40 -0
- data/spec/fixtures/certs/generated/README.txt +2 -0
- data/spec/fixtures/certs/generated/client_from_root.crt +35 -0
- data/spec/fixtures/certs/generated/client_from_root.jks +0 -0
- data/spec/fixtures/certs/generated/client_from_root.key +51 -0
- data/spec/fixtures/certs/generated/client_from_root.key.pkcs8 +52 -0
- data/spec/fixtures/certs/generated/client_from_root.p12 +0 -0
- data/spec/fixtures/certs/generated/root.crt +32 -0
- data/spec/fixtures/certs/generated/root.key +51 -0
- data/spec/fixtures/certs/generated/root.key.pkcs8 +52 -0
- data/spec/fixtures/certs/generated/server_from_root.crt +37 -0
- data/spec/fixtures/certs/generated/server_from_root.key +51 -0
- data/spec/fixtures/certs/generated/server_from_root.key.pkcs8 +52 -0
- data/spec/fixtures/certs/openssl.cnf +47 -0
- data/spec/inputs/http_spec.rb +243 -29
- data/vendor/jar-dependencies/org/logstash/plugins/input/http/logstash-input-http/{3.4.5/logstash-input-http-3.4.5.jar → 3.6.0/logstash-input-http-3.6.0.jar} +0 -0
- metadata +31 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: aa318266e4bda14335b9ff0a9334d984e0a52cecaefa7037a064aef4e8df7015
|
|
4
|
+
data.tar.gz: efe4a565498fda944f2b2e9a91813a2ecc70ed9b4a89bae7ba2730221eef8549
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: b52359e3a884877733f41ce7885bba97dc578db0c4fbdf708a498a13cc06a38efc319b2e72f5f788d6287f0c8a33f419a811e01776661e1eea313682948439d7
|
|
7
|
+
data.tar.gz: e953789900e9f5d98593c3d83ad1d100b83433abf109a708c90c2eb04291d18f1339419a6f498a830103ba894bac03a02944094495873260a9cfab9c1c8ae666
|
data/CHANGELOG.md
CHANGED
|
@@ -1,3 +1,12 @@
|
|
|
1
|
+
## 3.6.0
|
|
2
|
+
- Feat: review and deprecate ssl protocol/cipher related settings [#151](https://github.com/logstash-plugins/logstash-input-http/pull/151)
|
|
3
|
+
|
|
4
|
+
## 3.5.1
|
|
5
|
+
- Fix: codecs provided with `additional_codecs` now correctly run in the pipeline's context, which means that they respect the `pipeline.ecs_compatibility` setting [#152](https://github.com/logstash-plugins/logstash-input-http/pull/152)
|
|
6
|
+
|
|
7
|
+
## 3.5.0
|
|
8
|
+
- Feat: TLSv1.3 support [#146](https://github.com/logstash-plugins/logstash-input-http/pull/146)
|
|
9
|
+
|
|
1
10
|
## 3.4.5
|
|
2
11
|
- Build: do not package log4j-api dependency [#149](https://github.com/logstash-plugins/logstash-input-http/pull/149).
|
|
3
12
|
Logstash provides the log4j framework and the dependency is not needed except testing and compiling.
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
3.
|
|
1
|
+
3.6.0
|
data/docs/index.asciidoc
CHANGED
|
@@ -104,9 +104,11 @@ This plugin supports the following configuration options plus the <<plugins-{typ
|
|
|
104
104
|
| <<plugins-{type}s-{plugin}-ssl>> |<<boolean,boolean>>|No
|
|
105
105
|
| <<plugins-{type}s-{plugin}-ssl_certificate>> |a valid filesystem path|No
|
|
106
106
|
| <<plugins-{type}s-{plugin}-ssl_certificate_authorities>> |<<array,array>>|No
|
|
107
|
+
| <<plugins-{type}s-{plugin}-ssl_cipher_suites>> |<<array,array>>|No
|
|
107
108
|
| <<plugins-{type}s-{plugin}-ssl_handshake_timeout>> |<<number,number>>|No
|
|
108
109
|
| <<plugins-{type}s-{plugin}-ssl_key>> |a valid filesystem path|No
|
|
109
110
|
| <<plugins-{type}s-{plugin}-ssl_key_passphrase>> |<<password,password>>|No
|
|
111
|
+
| <<plugins-{type}s-{plugin}-ssl_supported_protocols>> |<<array,array>>|No
|
|
110
112
|
| <<plugins-{type}s-{plugin}-ssl_verify_mode>> |<<string,string>>, one of `["none", "peer", "force_peer"]`|No
|
|
111
113
|
| <<plugins-{type}s-{plugin}-threads>> |<<number,number>>|No
|
|
112
114
|
| <<plugins-{type}s-{plugin}-tls_max_version>> |<<number,number>>|No
|
|
@@ -134,17 +136,20 @@ and no codec for the request's content-type is found
|
|
|
134
136
|
===== `cipher_suites`
|
|
135
137
|
|
|
136
138
|
* Value type is <<array,array>>
|
|
137
|
-
*
|
|
139
|
+
* This option is deprecated
|
|
140
|
+
|
|
141
|
+
The list of cipher suites to use, listed by priorities.
|
|
138
142
|
|
|
139
|
-
|
|
143
|
+
NOTE: This option is deprecated and it will be removed in the next major version of Logstash.
|
|
144
|
+
Use `ssl_cipher_suites` instead.
|
|
140
145
|
|
|
141
146
|
[id="plugins-{type}s-{plugin}-ecs_compatibility"]
|
|
142
147
|
===== `ecs_compatibility`
|
|
143
148
|
|
|
144
|
-
* Value type is <<string,string>>
|
|
145
|
-
* Supported values are:
|
|
146
|
-
** `disabled`: unstructured connection metadata added at root level
|
|
147
|
-
** `v1`,`v8`: headers added under `[@metadata][http][header]`. Some are copied to structured ECS fields `http`, `url`, `user_agent` and `host`
|
|
149
|
+
* Value type is <<string,string>>
|
|
150
|
+
* Supported values are:
|
|
151
|
+
** `disabled`: unstructured connection metadata added at root level
|
|
152
|
+
** `v1`,`v8`: headers added under `[@metadata][http][header]`. Some are copied to structured ECS fields `http`, `url`, `user_agent` and `host`
|
|
148
153
|
|
|
149
154
|
Controls this plugin's compatibility with the
|
|
150
155
|
{ecs-ref}[Elastic Common Schema (ECS)].
|
|
@@ -342,6 +347,17 @@ be read and added to the trust store. You need to configure the `ssl_verify_mode
|
|
|
342
347
|
to `peer` or `force_peer` to enable the verification.
|
|
343
348
|
|
|
344
349
|
|
|
350
|
+
[id="plugins-{type}s-{plugin}-ssl_cipher_suites"]
|
|
351
|
+
===== `ssl_cipher_suites`
|
|
352
|
+
|
|
353
|
+
* Value type is <<array,array>>
|
|
354
|
+
* Default value is `['TLS_AES_256_GCM_SHA384', 'TLS_AES_128_GCM_SHA256', 'TLS_CHACHA20_POLY1305_SHA256', 'TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384', 'TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384', 'TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256', 'TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256', 'TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256', 'TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256', 'TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384', 'TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384', 'TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256', 'TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256']`
|
|
355
|
+
|
|
356
|
+
The list of cipher suites to use, listed by priorities.
|
|
357
|
+
This default list applies for OpenJDK 11.0.14 and higher.
|
|
358
|
+
For older JDK versions, the default list includes only suites supported by that version.
|
|
359
|
+
For example, the ChaCha20 family of ciphers is not supported in older versions.
|
|
360
|
+
|
|
345
361
|
[id="plugins-{type}s-{plugin}-ssl_handshake_timeout"]
|
|
346
362
|
===== `ssl_handshake_timeout`
|
|
347
363
|
|
|
@@ -357,7 +373,7 @@ Time in milliseconds for an incomplete ssl handshake to timeout
|
|
|
357
373
|
* There is no default value for this setting.
|
|
358
374
|
|
|
359
375
|
SSL key to use.
|
|
360
|
-
NOTE: This key need to be in the PKCS8 format, you can convert it with https://www.openssl.org/docs/man1.1.
|
|
376
|
+
NOTE: This key need to be in the PKCS8 format, you can convert it with https://www.openssl.org/docs/man1.1.1/man1/openssl-pkcs8.html[OpenSSL]
|
|
361
377
|
for more information.
|
|
362
378
|
|
|
363
379
|
[id="plugins-{type}s-{plugin}-ssl_key_passphrase"]
|
|
@@ -368,6 +384,23 @@ for more information.
|
|
|
368
384
|
|
|
369
385
|
SSL key passphrase to use.
|
|
370
386
|
|
|
387
|
+
[id="plugins-{type}s-{plugin}-ssl_supported_protocols"]
|
|
388
|
+
===== `ssl_supported_protocols`
|
|
389
|
+
|
|
390
|
+
* Value type is <<array,array>>
|
|
391
|
+
* Allowed values are: `'TLSv1.1'`, `'TLSv1.2'`, `'TLSv1.3'`
|
|
392
|
+
* Default depends on the JDK being used. With up-to-date Logstash, the default is `['TLSv1.2', 'TLSv1.3']`.
|
|
393
|
+
`'TLSv1.1'` is not considered secure and is only provided for legacy applications.
|
|
394
|
+
|
|
395
|
+
List of allowed SSL/TLS versions to use when establishing a connection to the HTTP endpoint.
|
|
396
|
+
|
|
397
|
+
For Java 8 `'TLSv1.3'` is supported only since **8u262** (AdoptOpenJDK), but requires that you set the
|
|
398
|
+
`LS_JAVA_OPTS="-Djdk.tls.client.protocols=TLSv1.3"` system property in Logstash.
|
|
399
|
+
|
|
400
|
+
NOTE: If you configure the plugin to use `'TLSv1.1'` on any recent JVM, such as the one packaged with Logstash,
|
|
401
|
+
the protocol is disabled by default and needs to be enabled manually by changing `jdk.tls.disabledAlgorithms` in
|
|
402
|
+
the *$JDK_HOME/conf/security/java.security* configuration file. That is, `TLSv1.1` needs to be removed from the list.
|
|
403
|
+
|
|
371
404
|
[id="plugins-{type}s-{plugin}-ssl_verify_mode"]
|
|
372
405
|
===== `ssl_verify_mode`
|
|
373
406
|
|
|
@@ -396,19 +429,19 @@ Number of threads to use for both accepting connections and handling requests
|
|
|
396
429
|
===== `tls_max_version`
|
|
397
430
|
|
|
398
431
|
* Value type is <<number,number>>
|
|
399
|
-
*
|
|
432
|
+
* This option is deprecated
|
|
400
433
|
|
|
401
|
-
The maximum TLS version allowed for the encrypted connections.
|
|
402
|
-
1.
|
|
434
|
+
The maximum TLS version allowed for the encrypted connections.
|
|
435
|
+
The value must be the one of the following: 1.1 for TLS 1.1, 1.2 for TLS 1.2, 1.3 for TLSv1.3
|
|
403
436
|
|
|
404
437
|
[id="plugins-{type}s-{plugin}-tls_min_version"]
|
|
405
438
|
===== `tls_min_version`
|
|
406
439
|
|
|
407
440
|
* Value type is <<number,number>>
|
|
408
|
-
*
|
|
441
|
+
* This option is deprecated
|
|
409
442
|
|
|
410
|
-
The minimum TLS version allowed for the encrypted connections.
|
|
411
|
-
1.
|
|
443
|
+
The minimum TLS version allowed for the encrypted connections.
|
|
444
|
+
The value must be one of the following: 1.1 for TLS 1.1, 1.2 for TLS 1.2, 1.3 for TLSv1.3
|
|
412
445
|
|
|
413
446
|
[id="plugins-{type}s-{plugin}-user"]
|
|
414
447
|
===== `user`
|
|
@@ -427,7 +460,7 @@ Username for basic authorization
|
|
|
427
460
|
|
|
428
461
|
Set the client certificate verification method. Valid methods: none, peer, force_peer
|
|
429
462
|
|
|
430
|
-
|
|
463
|
+
NOTE: This option is deprecated and it will be removed in the next major version of Logstash.
|
|
431
464
|
Use `ssl_verify_mode` instead.
|
|
432
465
|
|
|
433
466
|
|
data/lib/logstash/inputs/http.rb
CHANGED
|
@@ -30,6 +30,7 @@ class LogStash::Inputs::Http < LogStash::Inputs::Base
|
|
|
30
30
|
require "logstash/inputs/http/tls"
|
|
31
31
|
|
|
32
32
|
java_import "io.netty.handler.codec.http.HttpUtil"
|
|
33
|
+
java_import 'org.logstash.plugins.inputs.http.util.SslSimpleBuilder'
|
|
33
34
|
|
|
34
35
|
config_name "http"
|
|
35
36
|
|
|
@@ -86,16 +87,11 @@ class LogStash::Inputs::Http < LogStash::Inputs::Base
|
|
|
86
87
|
# Time in milliseconds for an incomplete ssl handshake to timeout
|
|
87
88
|
config :ssl_handshake_timeout, :validate => :number, :default => 10000
|
|
88
89
|
|
|
89
|
-
# The minimum TLS version allowed for the encrypted connections. The value must be one of the following:
|
|
90
|
-
# 1.0 for TLS 1.0, 1.1 for TLS 1.1, 1.2 for TLS 1.2
|
|
91
|
-
config :tls_min_version, :validate => :number, :default => TLS.min.version
|
|
92
|
-
|
|
93
|
-
# The maximum TLS version allowed for the encrypted connections. The value must be the one of the following:
|
|
94
|
-
# 1.0 for TLS 1.0, 1.1 for TLS 1.1, 1.2 for TLS 1.2
|
|
95
|
-
config :tls_max_version, :validate => :number, :default => TLS.max.version
|
|
96
|
-
|
|
97
90
|
# The list of ciphers suite to use, listed by priorities.
|
|
98
|
-
config :
|
|
91
|
+
config :ssl_cipher_suites, :validate => SslSimpleBuilder::SUPPORTED_CIPHERS.to_a,
|
|
92
|
+
:default => SslSimpleBuilder.getDefaultCiphers, :list => true
|
|
93
|
+
|
|
94
|
+
config :ssl_supported_protocols, :validate => ['TLSv1.1', 'TLSv1.2', 'TLSv1.3'], :default => ['TLSv1.2', 'TLSv1.3'], :list => true
|
|
99
95
|
|
|
100
96
|
# Apply specific codecs for specific content types.
|
|
101
97
|
# The default codec will be applied only after this list is checked
|
|
@@ -118,14 +114,25 @@ class LogStash::Inputs::Http < LogStash::Inputs::Base
|
|
|
118
114
|
config :max_content_length, :validate => :number, :required => false, :default => 100 * 1024 * 1024
|
|
119
115
|
|
|
120
116
|
config :response_code, :validate => [200, 201, 202, 204], :default => 200
|
|
117
|
+
|
|
121
118
|
# Deprecated options
|
|
122
119
|
|
|
123
120
|
# The JKS keystore to validate the client's certificates
|
|
124
121
|
config :keystore, :validate => :path, :deprecated => "Set 'ssl_certificate' and 'ssl_key' instead."
|
|
125
122
|
config :keystore_password, :validate => :password, :deprecated => "Set 'ssl_key_passphrase' instead."
|
|
126
123
|
|
|
127
|
-
config :verify_mode, :validate => ['none', 'peer', 'force_peer'], :default => 'none',
|
|
128
|
-
|
|
124
|
+
config :verify_mode, :validate => ['none', 'peer', 'force_peer'], :default => 'none', :deprecated => "Set 'ssl_verify_mode' instead."
|
|
125
|
+
config :cipher_suites, :validate => :array, :default => [], :deprecated => "Set 'ssl_cipher_suites' instead."
|
|
126
|
+
|
|
127
|
+
# The minimum TLS version allowed for the encrypted connections. The value must be one of the following:
|
|
128
|
+
# 1.0 for TLS 1.0, 1.1 for TLS 1.1, 1.2 for TLS 1.2, 1.3 for TLS 1.3
|
|
129
|
+
config :tls_min_version, :validate => :number, :default => TLS.min.version, :deprecated => "Set 'ssl_supported_protocols' instead."
|
|
130
|
+
|
|
131
|
+
# The maximum TLS version allowed for the encrypted connections. The value must be the one of the following:
|
|
132
|
+
# 1.0 for TLS 1.0, 1.1 for TLS 1.1, 1.2 for TLS 1.2, 1.3 for TLS 1.3
|
|
133
|
+
config :tls_max_version, :validate => :number, :default => TLS.max.version, :deprecated => "Set 'ssl_supported_protocols' instead."
|
|
134
|
+
|
|
135
|
+
attr_reader :codecs
|
|
129
136
|
|
|
130
137
|
public
|
|
131
138
|
def register
|
|
@@ -140,7 +147,7 @@ class LogStash::Inputs::Http < LogStash::Inputs::Base
|
|
|
140
147
|
@codecs = Hash.new
|
|
141
148
|
|
|
142
149
|
@additional_codecs.each do |content_type, codec|
|
|
143
|
-
@codecs[content_type] =
|
|
150
|
+
@codecs[content_type] = initialize_codec(codec)
|
|
144
151
|
end
|
|
145
152
|
|
|
146
153
|
require "logstash/inputs/http/message_handler"
|
|
@@ -231,24 +238,45 @@ class LogStash::Inputs::Http < LogStash::Inputs::Base
|
|
|
231
238
|
@logger.warn("SSL Certificate will not be used") if @ssl_certificate
|
|
232
239
|
@logger.warn("SSL Key will not be used") if @ssl_key
|
|
233
240
|
@logger.warn("SSL Java Key Store will not be used") if @keystore
|
|
234
|
-
|
|
241
|
+
return # code bellow assumes `ssl => true`
|
|
242
|
+
end
|
|
243
|
+
|
|
244
|
+
if !(ssl_key_configured? || ssl_jks_configured?)
|
|
235
245
|
raise LogStash::ConfigurationError, "Certificate or JKS must be configured"
|
|
236
246
|
end
|
|
237
247
|
|
|
238
|
-
if
|
|
239
|
-
|
|
248
|
+
if original_params.key?("verify_mode") && original_params.key?("ssl_verify_mode")
|
|
249
|
+
raise LogStash::ConfigurationError, "Both `ssl_verify_mode` and (deprecated) `verify_mode` were set. Use only `ssl_verify_mode`."
|
|
240
250
|
elsif original_params.key?("verify_mode")
|
|
241
251
|
@ssl_verify_mode_final = @verify_mode
|
|
242
|
-
elsif original_params.key?("ssl_verify_mode")
|
|
243
|
-
@ssl_verify_mode_final = @ssl_verify_mode
|
|
244
252
|
else
|
|
245
253
|
@ssl_verify_mode_final = @ssl_verify_mode
|
|
246
254
|
end
|
|
247
255
|
|
|
248
|
-
if
|
|
249
|
-
raise LogStash::ConfigurationError, "
|
|
250
|
-
elsif
|
|
251
|
-
|
|
256
|
+
if original_params.key?('cipher_suites') && original_params.key?('ssl_cipher_suites')
|
|
257
|
+
raise LogStash::ConfigurationError, "Both `ssl_cipher_suites` and (deprecated) `cipher_suites` were set. Use only `ssl_cipher_suites`."
|
|
258
|
+
elsif original_params.key?('cipher_suites')
|
|
259
|
+
@ssl_cipher_suites_final = @cipher_suites
|
|
260
|
+
else
|
|
261
|
+
@ssl_cipher_suites_final = @ssl_cipher_suites
|
|
262
|
+
end
|
|
263
|
+
|
|
264
|
+
if original_params.key?('tls_min_version') && original_params.key?('ssl_supported_protocols')
|
|
265
|
+
raise LogStash::ConfigurationError, "Both `ssl_supported_protocols` and (deprecated) `tls_min_ciphers` were set. Use only `ssl_supported_protocols`."
|
|
266
|
+
elsif original_params.key?('tls_max_version') && original_params.key?('ssl_supported_protocols')
|
|
267
|
+
raise LogStash::ConfigurationError, "Both `ssl_supported_protocols` and (deprecated) `tls_max_ciphers` were set. Use only `ssl_supported_protocols`."
|
|
268
|
+
else
|
|
269
|
+
if original_params.key?('tls_min_version') || original_params.key?('tls_max_version')
|
|
270
|
+
@ssl_supported_protocols_final = TLS.get_supported(tls_min_version..tls_max_version).map(&:name)
|
|
271
|
+
else
|
|
272
|
+
@ssl_supported_protocols_final = @ssl_supported_protocols
|
|
273
|
+
end
|
|
274
|
+
end
|
|
275
|
+
|
|
276
|
+
if require_certificate_authorities? && !client_authentication?
|
|
277
|
+
raise LogStash::ConfigurationError, "Using `ssl_verify_mode` (or `verify_mode`) set to PEER or FORCE_PEER, requires the configuration of `ssl_certificate_authorities`"
|
|
278
|
+
elsif !require_certificate_authorities? && client_authentication?
|
|
279
|
+
raise LogStash::ConfigurationError, "The configuration of `ssl_certificate_authorities` requires setting `ssl_verify_mode` (or `verify_mode`) to PEER or FORCE_PEER"
|
|
252
280
|
end
|
|
253
281
|
end
|
|
254
282
|
|
|
@@ -266,7 +294,7 @@ class LogStash::Inputs::Http < LogStash::Inputs::Base
|
|
|
266
294
|
begin
|
|
267
295
|
ssl_builder = org.logstash.plugins.inputs.http.util.SslSimpleBuilder
|
|
268
296
|
.new(@ssl_certificate, @ssl_key, @ssl_key_passphrase.nil? ? nil : @ssl_key_passphrase.value)
|
|
269
|
-
.setCipherSuites(
|
|
297
|
+
.setCipherSuites(normalized_cipher_suites)
|
|
270
298
|
rescue java.lang.IllegalArgumentException => e
|
|
271
299
|
@logger.error("SSL configuration invalid", error_details(e))
|
|
272
300
|
raise LogStash::ConfigurationError, e
|
|
@@ -298,19 +326,15 @@ class LogStash::Inputs::Http < LogStash::Inputs::Base
|
|
|
298
326
|
|
|
299
327
|
private
|
|
300
328
|
|
|
301
|
-
def
|
|
302
|
-
@
|
|
303
|
-
end
|
|
304
|
-
|
|
305
|
-
def convert_protocols
|
|
306
|
-
TLS.get_supported(@tls_min_version..@tls_max_version).map(&:name)
|
|
329
|
+
def normalized_cipher_suites
|
|
330
|
+
@ssl_cipher_suites_final.map(&:upcase)
|
|
307
331
|
end
|
|
308
332
|
|
|
309
333
|
def new_ssl_handshake_provider(ssl_builder)
|
|
310
334
|
begin
|
|
311
335
|
ssl_handler_provider = org.logstash.plugins.inputs.http.util.SslHandlerProvider.new(ssl_builder.build())
|
|
312
336
|
ssl_handler_provider.setVerifyMode(@ssl_verify_mode_final.upcase)
|
|
313
|
-
ssl_handler_provider.setProtocols(
|
|
337
|
+
ssl_handler_provider.setProtocols(@ssl_supported_protocols_final)
|
|
314
338
|
ssl_handler_provider.setHandshakeTimeoutMilliseconds(@ssl_handshake_timeout)
|
|
315
339
|
ssl_handler_provider
|
|
316
340
|
rescue java.lang.IllegalArgumentException => e
|
|
@@ -333,4 +357,13 @@ class LogStash::Inputs::Http < LogStash::Inputs::Base
|
|
|
333
357
|
error_details
|
|
334
358
|
end
|
|
335
359
|
|
|
360
|
+
def initialize_codec(codec_name)
|
|
361
|
+
codec_klass = LogStash::Plugin.lookup("codec", codec_name)
|
|
362
|
+
if defined?(::LogStash::Plugins::Contextualizer)
|
|
363
|
+
::LogStash::Plugins::Contextualizer.initialize_plugin(execution_context, codec_klass)
|
|
364
|
+
else
|
|
365
|
+
codec_klass.new
|
|
366
|
+
end
|
|
367
|
+
end
|
|
368
|
+
|
|
336
369
|
end # class LogStash::Inputs::Http
|
data/logstash-input-http.gemspec
CHANGED
|
@@ -2,7 +2,7 @@ HTTP_INPUT_VERSION = File.read(File.expand_path(File.join(File.dirname(__FILE__)
|
|
|
2
2
|
|
|
3
3
|
Gem::Specification.new do |s|
|
|
4
4
|
s.name = 'logstash-input-http'
|
|
5
|
-
s.version
|
|
5
|
+
s.version = HTTP_INPUT_VERSION
|
|
6
6
|
s.licenses = ['Apache License (2.0)']
|
|
7
7
|
s.summary = "Receives events over HTTP or HTTPS"
|
|
8
8
|
s.description = "This gem is a Logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/logstash-plugin install gemname. This gem is not a stand-alone program"
|
|
@@ -0,0 +1,40 @@
|
|
|
1
|
+
# warning: do not use the certificates produced by this tool in production.
|
|
2
|
+
# This is for testing purposes only
|
|
3
|
+
set -e
|
|
4
|
+
|
|
5
|
+
rm -rf generated
|
|
6
|
+
mkdir generated
|
|
7
|
+
cd generated
|
|
8
|
+
|
|
9
|
+
echo "GENERATED CERTIFICATES FOR TESTING ONLY." >> ./README.txt
|
|
10
|
+
echo "DO NOT USE THESE CERTIFICATES IN PRODUCTION" >> ./README.txt
|
|
11
|
+
|
|
12
|
+
# certificate authority
|
|
13
|
+
openssl genrsa -out root.key 4096
|
|
14
|
+
openssl req -new -x509 -days 1826 -extensions ca -key root.key -out root.crt -subj "/C=LS/ST=NA/L=Http Input/O=Logstash/CN=root" -config ../openssl.cnf
|
|
15
|
+
|
|
16
|
+
# server certificate from root
|
|
17
|
+
openssl genrsa -out server_from_root.key 4096
|
|
18
|
+
openssl req -new -key server_from_root.key -out server_from_root.csr -subj "/C=LS/ST=NA/L=Http Input/O=Logstash/CN=server" -config ../openssl.cnf
|
|
19
|
+
openssl x509 -req -extensions server_cert -extfile ../openssl.cnf -days 1096 -in server_from_root.csr -CA root.crt -CAkey root.key -set_serial 03 -out server_from_root.crt
|
|
20
|
+
|
|
21
|
+
# client certificate from root
|
|
22
|
+
openssl genrsa -out client_from_root.key 4096
|
|
23
|
+
openssl req -new -key client_from_root.key -out client_from_root.csr -subj "/C=LS/ST=NA/L=Http Input/O=Logstash/CN=client" -config ../openssl.cnf
|
|
24
|
+
openssl x509 -req -extensions client_cert -extfile ../openssl.cnf -days 1096 -in client_from_root.csr -CA root.crt -CAkey root.key -set_serial 04 -out client_from_root.crt
|
|
25
|
+
|
|
26
|
+
# verify :allthethings
|
|
27
|
+
openssl verify -CAfile root.crt server_from_root.crt
|
|
28
|
+
|
|
29
|
+
# create pkcs8 versions of all keys
|
|
30
|
+
openssl pkcs8 -topk8 -inform PEM -outform PEM -nocrypt -in client_from_root.key -out client_from_root.key.pkcs8
|
|
31
|
+
openssl pkcs8 -topk8 -inform PEM -outform PEM -nocrypt -in server_from_root.key -out server_from_root.key.pkcs8
|
|
32
|
+
|
|
33
|
+
# create pkcs12 keystores (pass:12345678)
|
|
34
|
+
openssl pkcs12 -export -in client_from_root.crt -inkey client_from_root.key -out client_from_root.p12 -name "client_from_root" -passout 'pass:12345678'
|
|
35
|
+
|
|
36
|
+
# use java keytool to convert all pkcs12 keystores to jks-format keystores (pass:12345678)
|
|
37
|
+
keytool -importkeystore -srckeystore client_from_root.p12 -srcstoretype pkcs12 -srcstorepass 12345678 -destkeystore client_from_root.jks -deststorepass 12345678 -alias client_from_root
|
|
38
|
+
|
|
39
|
+
# cleanup csr, we don't need them
|
|
40
|
+
rm -rf *.csr
|
|
@@ -0,0 +1,35 @@
|
|
|
1
|
+
-----BEGIN CERTIFICATE-----
|
|
2
|
+
MIIGATCCA+mgAwIBAgIBBDANBgkqhkiG9w0BAQsFADBRMQswCQYDVQQGEwJMUzEL
|
|
3
|
+
MAkGA1UECAwCTkExEzARBgNVBAcMCkh0dHAgSW5wdXQxETAPBgNVBAoMCExvZ3N0
|
|
4
|
+
YXNoMQ0wCwYDVQQDDARyb290MB4XDTIxMTEyNDEwMjEzMloXDTI0MTEyNDEwMjEz
|
|
5
|
+
MlowUzELMAkGA1UEBhMCTFMxCzAJBgNVBAgMAk5BMRMwEQYDVQQHDApIdHRwIElu
|
|
6
|
+
cHV0MREwDwYDVQQKDAhMb2dzdGFzaDEPMA0GA1UEAwwGY2xpZW50MIICIjANBgkq
|
|
7
|
+
hkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAzz7tc52SXN84bP8/009HnfkDMGhqvNgi
|
|
8
|
+
oO+kza7PT1O7jcA3i0hh1r2N4xUIllc3cSvcfFK/sw8mAFPGE6lMIPAWHnsFipd1
|
|
9
|
+
6rrk7jIVEgBE7ZUYuqWRRQ7ULV1a3LTxCn7XUrtk1bbrLgPRcoUev81L19AQZQ6R
|
|
10
|
+
DGv9MyFE2X71lvchj09eLh4RcR7/5Myj6ODtz5mYOIn8hqAaYCa6Zu0A54WbQd4p
|
|
11
|
+
xc/iuEQqpUJNcXdVJyNAzhDQq/oMImWgWs/nuMIrCV0WXttGsOnztxsftytsNtnP
|
|
12
|
+
SOBuULhRdDrkV16u7zMftANBWdoWIcdbc6ipr17ZrqySmioSWHk5YcsRwP6Em9Hq
|
|
13
|
+
SHgNXSDkb3+TPQX/XG2cmaPI+a8yTvgV1igMbzDYEznfqOhNG/28jTGo36iMt+R1
|
|
14
|
+
ZrDWoIxRqSKq7WAiGmnKZKiy4xV4Ze3zekx7xse/S/OxmWvOCYN0+aLFgxNuizX5
|
|
15
|
+
PpY6PhwJ/+I5JpbH2pXwuPsFMAyt5vwmcrS6k7O3vvUml7mwHQVQTqrNEvPHDwxe
|
|
16
|
+
H6n2LiW7Bbana12rkdMU5mXwBMMTVz1sjOZnzM1M+JEoce3UXfGuflhG7amOhPJf
|
|
17
|
+
Aj7vMR6kilzATFjmx1hdqqHzNARkeuxLhUzpdgKnk3nEmYPKx1MB7Y4FvpSEoTPV
|
|
18
|
+
K3rPkMHQm6UCAwEAAaOB4TCB3jAJBgNVHRMEAjAAMBEGCWCGSAGG+EIBAQQEAwIF
|
|
19
|
+
oDAzBglghkgBhvhCAQ0EJhYkT3BlblNTTCBHZW5lcmF0ZWQgQ2xpZW50IENlcnRp
|
|
20
|
+
ZmljYXRlMB0GA1UdDgQWBBTXHNdFAtzeVD56PI6/Mu/wVzDCyzAfBgNVHSMEGDAW
|
|
21
|
+
gBSn18dv3u0R/O/LDPC7h+wHlcpFqDAOBgNVHQ8BAf8EBAMCBeAwHQYDVR0lBBYw
|
|
22
|
+
FAYIKwYBBQUHAwIGCCsGAQUFBwMEMBoGA1UdEQQTMBGCCWxvY2FsaG9zdIcEfwAA
|
|
23
|
+
ATANBgkqhkiG9w0BAQsFAAOCAgEAE23qZ7HfFubCXYCzGxTq+zzMAId5rUn8Cnav
|
|
24
|
+
9eEGdofjkRRHJnW1yM8AmblbwxM8fs6SrQtujhGNFWEsGuXDoFFG6ID06eFsC1yC
|
|
25
|
+
RpKme0PRsKruBn8Na5Z2jeZ0SWKvW+1ZlvosMhQQh6QaNf7VTNVizJD+J34QxFeH
|
|
26
|
+
N66/Fh8/sh0ZooFy791japEtec8HJIBHNPrJprqYnzosKTRnYSLJpiCP9ksordMS
|
|
27
|
+
rTHWGDRnUXu1ggWanopt5wZfICG92gi8rROEk4fwFUy93E+WEzv8XCXpRxZqhdJf
|
|
28
|
+
V+jPoUHo4ZOnM8uFna5Y/o+DiVOdPXgn9xspe5qhEvU8upsvKRVNlfAXVGWjiG13
|
|
29
|
+
ZdR3PvGITplFhNkBAuPIf1Z/xTF0e8JzQSSC2CtThGuCJz9uSB6zpnxjODKxAqFX
|
|
30
|
+
IbbH8Tnf8q6nEJm0RbMOyAc/HvX2eei1TV1XD9StL/M/2n0bCn/+s4peT4/qOy2T
|
|
31
|
+
zqQYTe45RknishUiMiv00//W5LNImjb0THHxQ1kQxi7Tlk0dZ5CPUjMfBVCt+Gdo
|
|
32
|
+
EQMjeGjvjfRvKtGzhtMDmkA3Oc8iOiaaR7mSU+ZjslDlRYnPKicbls673ttL3rx8
|
|
33
|
+
R//PwWeZcBWkbowOYNJnjaiySpoO3WVEGMA8mUw4SEtlga6760cN4+e4pKnzo1sR
|
|
34
|
+
P1W1gRQ=
|
|
35
|
+
-----END CERTIFICATE-----
|
|
Binary file
|
|
@@ -0,0 +1,51 @@
|
|
|
1
|
+
-----BEGIN RSA PRIVATE KEY-----
|
|
2
|
+
MIIJKAIBAAKCAgEAzz7tc52SXN84bP8/009HnfkDMGhqvNgioO+kza7PT1O7jcA3
|
|
3
|
+
i0hh1r2N4xUIllc3cSvcfFK/sw8mAFPGE6lMIPAWHnsFipd16rrk7jIVEgBE7ZUY
|
|
4
|
+
uqWRRQ7ULV1a3LTxCn7XUrtk1bbrLgPRcoUev81L19AQZQ6RDGv9MyFE2X71lvch
|
|
5
|
+
j09eLh4RcR7/5Myj6ODtz5mYOIn8hqAaYCa6Zu0A54WbQd4pxc/iuEQqpUJNcXdV
|
|
6
|
+
JyNAzhDQq/oMImWgWs/nuMIrCV0WXttGsOnztxsftytsNtnPSOBuULhRdDrkV16u
|
|
7
|
+
7zMftANBWdoWIcdbc6ipr17ZrqySmioSWHk5YcsRwP6Em9HqSHgNXSDkb3+TPQX/
|
|
8
|
+
XG2cmaPI+a8yTvgV1igMbzDYEznfqOhNG/28jTGo36iMt+R1ZrDWoIxRqSKq7WAi
|
|
9
|
+
GmnKZKiy4xV4Ze3zekx7xse/S/OxmWvOCYN0+aLFgxNuizX5PpY6PhwJ/+I5JpbH
|
|
10
|
+
2pXwuPsFMAyt5vwmcrS6k7O3vvUml7mwHQVQTqrNEvPHDwxeH6n2LiW7Bbana12r
|
|
11
|
+
kdMU5mXwBMMTVz1sjOZnzM1M+JEoce3UXfGuflhG7amOhPJfAj7vMR6kilzATFjm
|
|
12
|
+
x1hdqqHzNARkeuxLhUzpdgKnk3nEmYPKx1MB7Y4FvpSEoTPVK3rPkMHQm6UCAwEA
|
|
13
|
+
AQKCAgBbiP2zvPryTh1L9wknubJ2EY/ZB6VtN0FEN9RgjD9AWElUeHuP5y5ffGV4
|
|
14
|
+
0Md0L51rPOYrexj0a1JrfpTUBkh7m88JM2jlJ7SLMnT+x9wKkVfgX6QGfC5HhB8u
|
|
15
|
+
0jbZmImGCzPrdJ06z4ncTw9pN2a3bGN9NIapO9/QzrmMpbsVHUA3p3uJIpMEZ39o
|
|
16
|
+
qTp4wfH7X61prftPrZJ9m6VKppBZ+YAWwioq04c7uW/31xPG3hv6a6yOlsF+wmqI
|
|
17
|
+
Ku7FGoHS2lUMg6Yigpzo1IzKguqEC1TcwC8Rou4s0AOpX1+KqKBF/qnhOIFeLrnk
|
|
18
|
+
h7CSxsybrvkTXh9jSRGPSdnEffZbcZtw9XagD+fg6mYrqQH95Tfp83pDEAMtoe5e
|
|
19
|
+
cSGoLbt9c1Et9rtWcosFTxzLTWSOjme5qomsDZxlZpFt5YML14aCgMafMnWLGhwB
|
|
20
|
+
hX9NfdYGJ1Sqit5CM1MCoLAvWfW+5OeR28Wn9n5P3gBsvw+2aPLrdD6EeCJHMq9k
|
|
21
|
+
jDJXJsuWQhbZqapnIGn6kiOqHpQxPf2Q4VkkA6zDbtcy9e9QsKNFFcP4z1p2crBg
|
|
22
|
+
QhVvdLw3tOqoleJZV5Nn7wv0tzHSV4ccyoFl2j3CNFl6qG39J3Xtkm+ecWQyaZYt
|
|
23
|
+
vAF4hK7LsoLbJi2EYLRXsQj9H/LocD7D1AHLgwT0mK0ZwEfRAQKCAQEA7MWkosMJ
|
|
24
|
+
MITK0nsQStNq2UV+BI2Hfou1q65KAQQOgrOgSFmb/rijSSkZknlU20iEBWaJebep
|
|
25
|
+
i9fCzDdJLkjZ6ISzMyxIfhS0//mlYE4Xcz0APcT54tnhQ8n38qId1CkC7K3sViY7
|
|
26
|
+
3ufwr6ALExrRZ/0paNtuLA0bvIIyPXA28DbGThdpjPGS5rCwMWAnT81RWN7uvEyO
|
|
27
|
+
0dt4oCunLgjrP+22NpQbnQvVN6kgW8tPVl8p2w3fRY3JINjRlJDZeACzV1zQ/tVy
|
|
28
|
+
ZlbLsfoMUOsR93Dt+lCZua4Tdt3DCiB3C0yJt05FYqS8ZFJwq0Yoynrdo1bxi9Rt
|
|
29
|
+
dp8S5N+0nu3RIQKCAQEA4BNzZMNYhTO+nNv8/9TIO+lSBFNwVtKB95vlA7OpX0I8
|
|
30
|
+
0W+0eOqy1nf7Df60B58kZ3Dop+VAzIooGmeVkW1+9BVn1b929XwUcvEjhBdWDran
|
|
31
|
+
XMg5ai/JKbrTw2bAPdFcIRDTQZgDz4DlOEQIsbFHIPxumloVXVv824qfLolhgFpS
|
|
32
|
+
y7uYGJ9/tsncdWtbPJNIKCTOxmp7KZyAsaVLpjjK9MVv8poHwTrFv5ziJyoo460/
|
|
33
|
+
hD8L3E4uzXe6ydTzgtYpTfyFwVyvLathx4aVjGWGtdWcvApB6rivFaP6ZRdZGU2n
|
|
34
|
+
9g34mQAumkJzg0XlVJzZulSgVEpkw2prvaG6TezGBQKCAQBi/Z7/jZth9aL2rQz6
|
|
35
|
+
u7mIbU1qieGEPtUNmijGk/OdIYx5sz1NGdTq2YwfeSrJI2BPAbeoc+km1mZTCypF
|
|
36
|
+
d5/jXtetJW6JiA7ElpNV2FBllbNsH9Z5ya4ssVxAzRa7hQn7+hs9SW7umvo98yOu
|
|
37
|
+
MSAr4eRWOqetMy3NeoGWvju54qy2KYOvsbBBUs3XVuQYsTa5eTtG7psnkiK0lIuo
|
|
38
|
+
64GvkKsF1pZU6oWSZ9tnhXD+I3tUYlBevBDC8uNswcKqMWDJvbyDTqotr0wqdOiB
|
|
39
|
+
TEaOtWBJrzkWMHli0QSiT0B2MOHDCa5ot4csSmtgsEyNmyDfEZKba4z4czlrBzx0
|
|
40
|
+
1ekBAoIBABxGmBMpC2yToQQORpjJ8xKMWMsu9EggfEIQrA+Rhlf89cu/+tgfVb32
|
|
41
|
+
mfmkIHetv1xGRTWamli1PmZGl/soBBMs+FNiu9IyfCoc/8xVXYixx+DPa19Y9FuN
|
|
42
|
+
tdc8ihnC54tMojvuwNxYeZRmEWrK4hzpfdOAdp23U+soTPoEYAdgXn5TB9hjmCwq
|
|
43
|
+
wOUYTQUR2NMoAefL3AreMuc34pnxJLtKhtvoT/40Omv5khg7G7nPTOqVQhvkyccn
|
|
44
|
+
yqxZcPkbqU6sBPzngzuSGt6gvxJeZWdgs0yPRs4lzAJBFQHYtmeZAw7rqGk2OqtA
|
|
45
|
+
o273TP8mY9s9fpXkZV67eSkO1YGr1TkCggEBAIQ3aI6TqDd5Wp52IM/beSxhg5+A
|
|
46
|
+
Vt+hI4Gdc0mNLJTm8/l3nd+uQpPVmuVBosfaXQK+IWDLDP4II6qBFUfOD95eK76O
|
|
47
|
+
Y4LJNvO3urQOh56bujnZ1ZgeKeUU36itgtp+YbYUHMSUA9BFlUr0n00POovili/M
|
|
48
|
+
BfHy8pcAB0EvY/B2k00v/Uj8kwbBvu1NNhUDzhUCVQM06b6SqLIA7/UeDHUYnYMJ
|
|
49
|
+
s3w6Eqo8yaHQJkY5DlJfO4JoXe1pZQNm3d2bAQG4vzIbyHFk2yShXTQuV5YNIATh
|
|
50
|
+
cKLW7xpRoDIciZVu6m4aiYw1kABty9UTSk0jKu86RjM0Epb/LnUG1qtSpPI=
|
|
51
|
+
-----END RSA PRIVATE KEY-----
|
|
@@ -0,0 +1,52 @@
|
|
|
1
|
+
-----BEGIN PRIVATE KEY-----
|
|
2
|
+
MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQDPPu1znZJc3zhs
|
|
3
|
+
/z/TT0ed+QMwaGq82CKg76TNrs9PU7uNwDeLSGHWvY3jFQiWVzdxK9x8Ur+zDyYA
|
|
4
|
+
U8YTqUwg8BYeewWKl3XquuTuMhUSAETtlRi6pZFFDtQtXVrctPEKftdSu2TVtusu
|
|
5
|
+
A9FyhR6/zUvX0BBlDpEMa/0zIUTZfvWW9yGPT14uHhFxHv/kzKPo4O3PmZg4ifyG
|
|
6
|
+
oBpgJrpm7QDnhZtB3inFz+K4RCqlQk1xd1UnI0DOENCr+gwiZaBaz+e4wisJXRZe
|
|
7
|
+
20aw6fO3Gx+3K2w22c9I4G5QuFF0OuRXXq7vMx+0A0FZ2hYhx1tzqKmvXtmurJKa
|
|
8
|
+
KhJYeTlhyxHA/oSb0epIeA1dIORvf5M9Bf9cbZyZo8j5rzJO+BXWKAxvMNgTOd+o
|
|
9
|
+
6E0b/byNMajfqIy35HVmsNagjFGpIqrtYCIaacpkqLLjFXhl7fN6THvGx79L87GZ
|
|
10
|
+
a84Jg3T5osWDE26LNfk+ljo+HAn/4jkmlsfalfC4+wUwDK3m/CZytLqTs7e+9SaX
|
|
11
|
+
ubAdBVBOqs0S88cPDF4fqfYuJbsFtqdrXauR0xTmZfAEwxNXPWyM5mfMzUz4kShx
|
|
12
|
+
7dRd8a5+WEbtqY6E8l8CPu8xHqSKXMBMWObHWF2qofM0BGR67EuFTOl2AqeTecSZ
|
|
13
|
+
g8rHUwHtjgW+lIShM9Ures+QwdCbpQIDAQABAoICAFuI/bO8+vJOHUv3CSe5snYR
|
|
14
|
+
j9kHpW03QUQ31GCMP0BYSVR4e4/nLl98ZXjQx3QvnWs85it7GPRrUmt+lNQGSHub
|
|
15
|
+
zwkzaOUntIsydP7H3AqRV+BfpAZ8LkeEHy7SNtmYiYYLM+t0nTrPidxPD2k3Zrds
|
|
16
|
+
Y300hqk739DOuYyluxUdQDene4kikwRnf2ipOnjB8ftfrWmt+0+tkn2bpUqmkFn5
|
|
17
|
+
gBbCKirThzu5b/fXE8beG/prrI6WwX7Caogq7sUagdLaVQyDpiKCnOjUjMqC6oQL
|
|
18
|
+
VNzALxGi7izQA6lfX4qooEX+qeE4gV4uueSHsJLGzJuu+RNeH2NJEY9J2cR99ltx
|
|
19
|
+
m3D1dqAP5+DqZiupAf3lN+nzekMQAy2h7l5xIagtu31zUS32u1ZyiwVPHMtNZI6O
|
|
20
|
+
Z7mqiawNnGVmkW3lgwvXhoKAxp8ydYsaHAGFf0191gYnVKqK3kIzUwKgsC9Z9b7k
|
|
21
|
+
55Hbxaf2fk/eAGy/D7Zo8ut0PoR4Ikcyr2SMMlcmy5ZCFtmpqmcgafqSI6oelDE9
|
|
22
|
+
/ZDhWSQDrMNu1zL171Cwo0UVw/jPWnZysGBCFW90vDe06qiV4llXk2fvC/S3MdJX
|
|
23
|
+
hxzKgWXaPcI0WXqobf0nde2Sb55xZDJpli28AXiErsuygtsmLYRgtFexCP0f8uhw
|
|
24
|
+
PsPUAcuDBPSYrRnAR9EBAoIBAQDsxaSiwwkwhMrSexBK02rZRX4EjYd+i7WrrkoB
|
|
25
|
+
BA6Cs6BIWZv+uKNJKRmSeVTbSIQFZol5t6mL18LMN0kuSNnohLMzLEh+FLT/+aVg
|
|
26
|
+
ThdzPQA9xPni2eFDyffyoh3UKQLsrexWJjve5/CvoAsTGtFn/Slo224sDRu8gjI9
|
|
27
|
+
cDbwNsZOF2mM8ZLmsLAxYCdPzVFY3u68TI7R23igK6cuCOs/7bY2lBudC9U3qSBb
|
|
28
|
+
y09WXynbDd9Fjckg2NGUkNl4ALNXXND+1XJmVsux+gxQ6xH3cO36UJm5rhN23cMK
|
|
29
|
+
IHcLTIm3TkVipLxkUnCrRijKet2jVvGL1G12nxLk37Se7dEhAoIBAQDgE3Nkw1iF
|
|
30
|
+
M76c2/z/1Mg76VIEU3BW0oH3m+UDs6lfQjzRb7R46rLWd/sN/rQHnyRncOin5UDM
|
|
31
|
+
iigaZ5WRbX70FWfVv3b1fBRy8SOEF1YOtqdcyDlqL8kputPDZsA90VwhENNBmAPP
|
|
32
|
+
gOU4RAixsUcg/G6aWhVdW/zbip8uiWGAWlLLu5gYn3+2ydx1a1s8k0goJM7Gansp
|
|
33
|
+
nICxpUumOMr0xW/ymgfBOsW/nOInKijjrT+EPwvcTi7Nd7rJ1POC1ilN/IXBXK8t
|
|
34
|
+
q2HHhpWMZYa11Zy8CkHquK8Vo/plF1kZTaf2DfiZAC6aQnODReVUnNm6VKBUSmTD
|
|
35
|
+
amu9obpN7MYFAoIBAGL9nv+Nm2H1ovatDPq7uYhtTWqJ4YQ+1Q2aKMaT850hjHmz
|
|
36
|
+
PU0Z1OrZjB95KskjYE8Bt6hz6SbWZlMLKkV3n+Ne160lbomIDsSWk1XYUGWVs2wf
|
|
37
|
+
1nnJriyxXEDNFruFCfv6Gz1Jbu6a+j3zI64xICvh5FY6p60zLc16gZa+O7nirLYp
|
|
38
|
+
g6+xsEFSzddW5BixNrl5O0bumyeSIrSUi6jrga+QqwXWllTqhZJn22eFcP4je1Ri
|
|
39
|
+
UF68EMLy42zBwqoxYMm9vINOqi2vTCp06IFMRo61YEmvORYweWLRBKJPQHYw4cMJ
|
|
40
|
+
rmi3hyxKa2CwTI2bIN8RkptrjPhzOWsHPHTV6QECggEAHEaYEykLbJOhBA5GmMnz
|
|
41
|
+
EoxYyy70SCB8QhCsD5GGV/z1y7/62B9VvfaZ+aQgd62/XEZFNZqaWLU+ZkaX+ygE
|
|
42
|
+
Eyz4U2K70jJ8Khz/zFVdiLHH4M9rX1j0W4211zyKGcLni0yiO+7A3Fh5lGYRasri
|
|
43
|
+
HOl904B2nbdT6yhM+gRgB2BeflMH2GOYLCrA5RhNBRHY0ygB58vcCt4y5zfimfEk
|
|
44
|
+
u0qG2+hP/jQ6a/mSGDsbuc9M6pVCG+TJxyfKrFlw+RupTqwE/OeDO5Ia3qC/El5l
|
|
45
|
+
Z2CzTI9GziXMAkEVAdi2Z5kDDuuoaTY6q0CjbvdM/yZj2z1+leRlXrt5KQ7VgavV
|
|
46
|
+
OQKCAQEAhDdojpOoN3lannYgz9t5LGGDn4BW36EjgZ1zSY0slObz+Xed365Ck9Wa
|
|
47
|
+
5UGix9pdAr4hYMsM/ggjqoEVR84P3l4rvo5jgsk287e6tA6Hnpu6OdnVmB4p5RTf
|
|
48
|
+
qK2C2n5hthQcxJQD0EWVSvSfTQ86i+KWL8wF8fLylwAHQS9j8HaTTS/9SPyTBsG+
|
|
49
|
+
7U02FQPOFQJVAzTpvpKosgDv9R4MdRidgwmzfDoSqjzJodAmRjkOUl87gmhd7Wll
|
|
50
|
+
A2bd3ZsBAbi/MhvIcWTbJKFdNC5Xlg0gBOFwotbvGlGgMhyJlW7qbhqJjDWQAG3L
|
|
51
|
+
1RNKTSMq7zpGMzQSlv8udQbWq1Kk8g==
|
|
52
|
+
-----END PRIVATE KEY-----
|
|
Binary file
|
|
@@ -0,0 +1,32 @@
|
|
|
1
|
+
-----BEGIN CERTIFICATE-----
|
|
2
|
+
MIIFkzCCA3ugAwIBAgIUaxaJxbTdJbY8LgQDDEur7n4wqoUwDQYJKoZIhvcNAQEL
|
|
3
|
+
BQAwUTELMAkGA1UEBhMCTFMxCzAJBgNVBAgMAk5BMRMwEQYDVQQHDApIdHRwIElu
|
|
4
|
+
cHV0MREwDwYDVQQKDAhMb2dzdGFzaDENMAsGA1UEAwwEcm9vdDAeFw0yMTExMjQx
|
|
5
|
+
MDIxMjlaFw0yNjExMjQxMDIxMjlaMFExCzAJBgNVBAYTAkxTMQswCQYDVQQIDAJO
|
|
6
|
+
QTETMBEGA1UEBwwKSHR0cCBJbnB1dDERMA8GA1UECgwITG9nc3Rhc2gxDTALBgNV
|
|
7
|
+
BAMMBHJvb3QwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCwVfl113eq
|
|
8
|
+
oUSLcw0Xrp1H0UoRLrQoo4h88HtspnJwuTok2PiEIbhUebufzK0nF2ZybVJYiC0Z
|
|
9
|
+
JJuSqicMCm9VpznJVRNNT/a7gMcF4j0lYdT2Yuxw2yaCZcvCffVIRU0LIUjj2bXa
|
|
10
|
+
83ibuuphfwcm+C3bJ5xWN65F0Txe7mCh8PQ+X0v0peNjkdGHt1LFP3qFV67ssNtx
|
|
11
|
+
jeVB35rmKL/OD8gr9fNHFF5B5A8DXniLpohJZLrVFLw455Fyhx+GS+ZQpaHxfneI
|
|
12
|
+
hMfftflfabXZNO/pzbSHJShKhIboAfM/bXX5cnilIeLBwko/WPtO81M13rX+e3VF
|
|
13
|
+
UFxtXor2z1MhoV01+PfVtTem0iinkYJUtulfrGvolgaQhV+UhgoOuvmYQkj7pmd/
|
|
14
|
+
41pRarhxKp5jRjz3TEfY6PZjGV7vF2Q9IAk2yAUvAhY8qER+eGZe5krUKBV1gLww
|
|
15
|
+
zOplQMerG3+Jrm1Fk6sDGw0wJIQUCu3P3nhQTqyqx8z5Sk5dWPMQBkbJMtUIdFOD
|
|
16
|
+
/JxJWb171xkH1VNH9zXJfAzHVpk1cgVruF1VtepceQh0rW6E7Lc+Avbg23Zr06fj
|
|
17
|
+
kklKNaKabScl7uE7LiGhSpV6N2MJURtJB9jI9oRdYDCBhLihDbn33MrdseOzuWgd
|
|
18
|
+
uWZtvUzPKWuzTLpFnnF3krwgUm8TZW81MQIDAQABo2MwYTAdBgNVHQ4EFgQUp9fH
|
|
19
|
+
b97tEfzvywzwu4fsB5XKRagwHwYDVR0jBBgwFoAUp9fHb97tEfzvywzwu4fsB5XK
|
|
20
|
+
RagwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQEL
|
|
21
|
+
BQADggIBAEC17d/UJpmABMNmV9PMbt5NjiD+dDi8rnE05zXQXhJWm2vZh0nLC3sc
|
|
22
|
+
QAJCep5xEHRzOSYSrOihzHF/Pk1Zdl4ly0SZHPtNdipphqWE/Vl9GaQahq8HZg1Y
|
|
23
|
+
CjGQvr0MFe4ikOGRkGw9Vp8lR4XXUJxv4VegpX3BRy2+hTgi21kV4X0a5eZ17Li9
|
|
24
|
+
MTljj22vxlypRIu0Jw4BPT0iayc8DivPI4vshUUFc+MLB/1h8OdY19KtoscMaIjk
|
|
25
|
+
90xDyAeL6/xxL4ZWDrXEUsxxoakt4vRJaCQ2hCLSVk8isQfzJhkSDqEkK5Ypo+D0
|
|
26
|
+
qDn8eL3w06qA1SvvtxVvKOAHHBLlb8ENoRUtBjTzBNQa2t/zDULogwTQbcY7JpwH
|
|
27
|
+
FAVXBfqKQ0pLuVuPeTaE6K7eE0p0/upE78FFOsmfoOL34ziw6imTyOgnmYNsmY19
|
|
28
|
+
Q8rE4n3hKCd4S/Vl2In9Ly8XAQpj5BYLRqxuMkx57oYQ4byr1vVas7iUIXAZSRIi
|
|
29
|
+
W9f+9wZ+L99tgXVIKWaA2xD24lGKfr6WKnazUJYRRJifBE3VFgydbewVePRmPbMC
|
|
30
|
+
P4OAVX4ERUZXuP6zpfm5rZvgesoe0ZCDIPT2U+im8OnUq1saODBuh8Frx3BXIGVx
|
|
31
|
+
zUQzkIYc5+zF5a4LGN2AlCr3kTEJuE3rgEKwA/gGFqYBw3CfOrhH
|
|
32
|
+
-----END CERTIFICATE-----
|
|
@@ -0,0 +1,51 @@
|
|
|
1
|
+
-----BEGIN RSA PRIVATE KEY-----
|
|
2
|
+
MIIJKQIBAAKCAgEAsFX5ddd3qqFEi3MNF66dR9FKES60KKOIfPB7bKZycLk6JNj4
|
|
3
|
+
hCG4VHm7n8ytJxdmcm1SWIgtGSSbkqonDApvVac5yVUTTU/2u4DHBeI9JWHU9mLs
|
|
4
|
+
cNsmgmXLwn31SEVNCyFI49m12vN4m7rqYX8HJvgt2yecVjeuRdE8Xu5gofD0Pl9L
|
|
5
|
+
9KXjY5HRh7dSxT96hVeu7LDbcY3lQd+a5ii/zg/IK/XzRxReQeQPA154i6aISWS6
|
|
6
|
+
1RS8OOeRcocfhkvmUKWh8X53iITH37X5X2m12TTv6c20hyUoSoSG6AHzP211+XJ4
|
|
7
|
+
pSHiwcJKP1j7TvNTNd61/nt1RVBcbV6K9s9TIaFdNfj31bU3ptIop5GCVLbpX6xr
|
|
8
|
+
6JYGkIVflIYKDrr5mEJI+6Znf+NaUWq4cSqeY0Y890xH2Oj2Yxle7xdkPSAJNsgF
|
|
9
|
+
LwIWPKhEfnhmXuZK1CgVdYC8MMzqZUDHqxt/ia5tRZOrAxsNMCSEFArtz954UE6s
|
|
10
|
+
qsfM+UpOXVjzEAZGyTLVCHRTg/ycSVm9e9cZB9VTR/c1yXwMx1aZNXIFa7hdVbXq
|
|
11
|
+
XHkIdK1uhOy3PgL24Nt2a9On45JJSjWimm0nJe7hOy4hoUqVejdjCVEbSQfYyPaE
|
|
12
|
+
XWAwgYS4oQ2599zK3bHjs7loHblmbb1Mzylrs0y6RZ5xd5K8IFJvE2VvNTECAwEA
|
|
13
|
+
AQKCAgEAhPqhINQ4A26QsZU3B2gAZluXvrN427jPwmDcw0gWv5mAFq+lYofHabVP
|
|
14
|
+
4CfLYNKNyLdWxTsUv4RS6lz1C2iHI5HzyzgkUUZ/bFGmRXKi6CEKKDDb3BP4y5eW
|
|
15
|
+
/PpeUn0op78XJ/VT5mV7y/0+qf3Q1/uLIV2S0ZY2D6LGI1UjfJyopKzbLAk6HSmn
|
|
16
|
+
WPDQM742WH6ShR6ursjyXiYRu4Z5dx2BuF1HdJAQsSIajFDfGXmiB682EmELvOIt
|
|
17
|
+
VrA9/toYOzNdmC/mVwbDcJrcD685my8Hykr93HkSFHgzAJ4P4gJbWJ2SC/4s8i/i
|
|
18
|
+
LDmfc5+eXd6xYtOZ0YbT3QrSQ2SAbHiWKbtCxCFeSwyMgM03NZ3gcFCofmq7HKnS
|
|
19
|
+
Y0MIvJbpYmraGV7yizNZzMk1qEn9CCEMlByEtc25tKg++MUh0u3DwtAOlCxj9SPI
|
|
20
|
+
TMvRKjDrzAqTj7GSuoF/Fdrg9QZmOCe0290PuPEnCAh0Pcg/FjInmfiY4YYy3FOx
|
|
21
|
+
suj4KfbaoIKMM84QROYjHeqme1RBaPHYnKZkBpPt7E1k6XcD4Tz3R7Y9x7T6vzjc
|
|
22
|
+
Y8GDUuXN/XhsjPSL9NYhl/vCx8i1CCCvwf2qRV1cbdv19tfGA9Kjp8JRHWFoGzXF
|
|
23
|
+
bSybhD7ConFKHo9SSRvPUrPODqsC2n9SdnZqVaXtgH/Mz1B01gECggEBANs4LRe3
|
|
24
|
+
oHrUyDN5xJx/WT4EoKP+CsbJ+cZzfE5gpY4zHDovVDgyJfk0zLByCP263bFgdIVr
|
|
25
|
+
nzEUu0DMJv96Am0gPzAEg6Z47/mYAICzFvUSCdg8kksREOf1EJmRKaAou3ywsTDS
|
|
26
|
+
l/9Fwx/aW+1hXxbrIDeQN9MbTlYo5zyKAt4qX035HNj4bdfQgkSPPoLGvvk9Yg7I
|
|
27
|
+
XEDZuywHzDTTl9iM/BdnCPv1J/nE3ohblOyir4qbRi9Pxrw4OtNwn9P9k5xbCR9S
|
|
28
|
+
iNoeC6bnxnD5aVvsUX0+K1BQYfQWRzhbdMvuoTsKCBkZJ7NmDgwSZgvBIotQ7+wQ
|
|
29
|
+
MeipchBrnalwvZECggEBAM3r4SDLMIooYJ9meLNc9gchPrgTiTUEOcY8XszO5hjr
|
|
30
|
+
4CZ4w45yoI/njqrmL1LwDmZOnC7e/WMfRwag8BdSRm2R6wX86Fw4RT2GRyJF6Ph9
|
|
31
|
+
Nx3GwcYEJ3X6hNyMzneJLloc56q81LWPvLTfTtQsLrh4FGH0V2d5z8IgB6NyWsfb
|
|
32
|
+
e7jL1IOYhiTWXWaoCsVdvcFqzBTgdEAE6Pp6Vf8eUb0Iv8b1lPT9cJ7SQENONNze
|
|
33
|
+
xq18YDwt6+BjQI2nnn6DbmBNkRV0CO2EiRvUJa2xQdSBN6dj8Hu95GRRYtnt0lH1
|
|
34
|
+
2AyuxbWSfM5NFWc/JyANK5FVP6r4ANQ2/8KS7GwdraECggEBAL/w8dqAVyz1Pc2E
|
|
35
|
+
Ype8EUFx/81W08y2b9JIr6BYktxs99wiMJV7ozAOAOLFFgZDJXT3RU7Eqn/o7QOR
|
|
36
|
+
PNwX0iQGRg0fBr4tycA6TMZjCEjP4HrKnjTH3ouaUUyEg3PN9kr40kwzOA604GH1
|
|
37
|
+
aOPxi7afbHf5+EcI85ARBFZHaLdpVkUJRy7aZiK+WDD7UvpiVjgYfNEAsXW+rlmh
|
|
38
|
+
AjWGxr8+wkMjXgRt5PCWZVnzBfQjhZvQ1KT8LsACY89aHzcYIbSXKOeZ9mU0RXOA
|
|
39
|
+
IIoudwebZMZKNtZ9ayayku1PdnZQnC77W5fOJKq5QrdjLKJCGqLs3QVOMMTMCClE
|
|
40
|
+
cKk5I2ECggEAT7YEYqZk9sYkiO+ov323uxDSb30Yes5U8vjBlbRte64rCZlr0cNr
|
|
41
|
+
hekT3/HU1d0ZJd8+NCKboXglDVrVNaHio119xcadx7z8iJFnDcxUH4SRBlS/A8Dt
|
|
42
|
+
6Yx9S8ax0bHnoHhZ8UzBZjrqyHU81YL43u2UrkpgXyzXEIVHj6yfmYfLv8AfVoV/
|
|
43
|
+
P9k/NJLOAJKF9s45i8dLGNENwpACpAv/hhZR7ll4PNGye7hVqfgnHGycKeHgessn
|
|
44
|
+
6KdjALKm9sA3xM2h4NUW86J/VKdtomvgWLtgaMqV98CNHYwnoMafyJxK8rXg0KWQ
|
|
45
|
+
7GcIZvwaUBzpBYwjZjI0V/GmVZJ8NGnUoQKCAQA1DZMysw+8VtnbRSP/XTyhLkOU
|
|
46
|
+
8VGJQ8Ho8dRv6ePooP1Fb7po+Gw3FqzxC9mUYfSErbIBPbpdQ4/SVgV41K1ob8zt
|
|
47
|
+
CJTMO+DEVS8lUtk8LhTWalV/xQ8ySwWbgm2epuLgpXamehbZj1/RMEWKgsWxqbck
|
|
48
|
+
sibB/g+qx7+Sx2CGFzRQRYrGCL5JKzT5Z4A3sV+REeD074kQzMqsCI1uSEMtfzWT
|
|
49
|
+
BAgZ5svGWum9xp6qWpqrB7dSx0hIJmF8Nd7GShcPq13/IpQc5IQqOezGScuV+f0q
|
|
50
|
+
UxJQyuTkXFOVcOyIZR7oATf2GTDVROBTz5WaobE/3TzrUxRxeKj1yWy7s+iZ
|
|
51
|
+
-----END RSA PRIVATE KEY-----
|